<?php 
session_start();

//管理员审核
include '../public/common/mysql_connect.php';

$username=$_POST['username'];
$password=$_POST['password'];
// $password=md5($_POST['password']);

$sql="select * from user where username='{$username}' and password='{$password}' and isadmin=1";

$rst=mysqli_query($conn,$sql);

$row=mysqli_fetch_assoc($rst);

if($row){
	date_default_timezone_set('PRC');	//更改php的默认时区为北京时区
	$_SESSION['admin_username']=$username;
	$_SESSION['admin_userid']=$row['id'];
	$_SESSION['last_time']=$row['last_login'];
	// print_r($_SESSION);exit;
	$cur_time=time();
	$sql="update user set last_login='{$cur_time}' where username ='{$username}'";
	mysqli_query($conn,$sql);
	// echo "本次登陆的时间为：".date('Y-m-d H:i:s',$cur_time);
	// echo "<br />";
	// echo "上次登陆的时间为：".date('Y-m-d H:i:s',$_SESSION['last_time']);
	// exit;
	echo "<script>location='index.php'</script>";
}else{
	echo "<script>alert('用户名或密码有误!')</script>";
	echo "<script>location='login.php'</script>";
}
?>